After a rash of attacks against US businesses and government agencies throughout the past few months, the White House is now putting the issue of Chinese state-backed hacking on the front burner. Many of these attacks have been tied by network security firms directly or indirectly to a unit of the Chinese People's Liberation Army (PLA), though Chinese officials still deny any link to the attacks (they claim that China's networks are victims being targeted as well). However, country officials signaled a willingness to talk with the US about cooperation on Internet security—even if it's not clear whether or not the Chinese civilian government is completely in control of the PLA's operations.

White House National Security Advisor Tom Donilon said yesterday that the ongoing alleged Chinese attacks and theft of data from US government and business networks has elevated "cyber" to the top of President Obama's priority list in policy toward China. "From the President on down, this has become a key point of concern and discussion with China at all levels of our government," Donilon told an audience at the Asia Society in New York. "And it will continue to be."

The Obama administration is seeking three things from China's leadership with regard to cyber-espionage, Donilon said. "First, we need a recognition of the urgency and scope of this problem and the risk it poses—to international trade, to the reputation of Chinese industry, and to our overall relations. Second, Beijing should take serious steps to investigate and put a stop to these activities. Finally, we need China to engage with us in a constructive direct dialogue to establish acceptable norms of behavior in cyberspace."

In February, network security firm Mandiant released a 74-page report detailing what the company had learned in its investigations into a number of cyber attacks, including the one it helped The New York Times counter. According to the report, Chinese state-sponsored hackers have stolen data from 141 organizations during the last seven years. The company pinpointed the source of those attacks, which they designated as "APT1" (as in Advanced Persistent Threat)—known by security researchers as the "Comment Crew" or "Shanghai Group"—as members of the PLA's Unit 61398. The company also released a video showing some of the activities of the members of the unit:

A video of actual sessions and attack activities of APT1, which Mandiant claims is PLA's Unit 61398 in Shanghai.

The US intelligence community has long warned that China's government has been waging a campaign of industrial and military espionage through hacking. And for just as long, China's government has denounced the claims as fraudulent, claiming that it has constantly offered to help crack down on hacking. Chinese officials responded today to Donlon's comments defensively but again claimed China was open to cooperation in cracking down on Internet threats.

In a daily news briefing this morning, Chinese Foreign Ministry spokesperson Hua Chuying said that "China is willing, on the basis of the principles of mutual respect and mutual trust, to have constructive dialogue and cooperation on this issue with the international community, including the United States, to maintain the security, openness, and peace of the Internet." But she added that China is also a victim of cyber-attacks, claiming that two major Chinese military websites were attacked more than 140,000 times per month over the last year—with about two-thirds of the attacks coming from the US.

According to a report by The New York Times, the Obama administration has been talking to Chinese leadership about cyber-attacks for years. A senior US official told NYT that "what we are hoping to do is force the Chinese civilian leadership to realize that the PLA is interfering with their foreign policy." That would suggest the White House believes that the PLA is acting on its own without direct approval from China's civilian government.

Thanks to Ars for covering news like this. I read all of it. Just a quick, friendly note that the author should probably put a PLA in parenthesis after the first mention of the People's Liberation Army, to prevent acronym confusion. Thanks!

Really? The extent of this administration's foreign policy and diplomatic skills is "pretty please with sugar on top?"

There's a reason why the US has been viewed as weak and an appeaser nation for the past few years. It will be interesting to see how this administration handles the coming showdown with Iran that the rest of the world seems to be getting ready and pushing for.

There's a world of difference between using an extremely targeted virus to temporarily disable centrifuges at a nuclear plant that (most likely) is involved in making nuclear weapons and state-sponsored hacking solely for the purpose of stealing state secrets and intellectual property.

It is troublesome that our government is simply asking them to stop for a couple of reasons.

1.)I don't believe we aren't doing this same type of "warfare" to them.2.) Asking them to stop hints towards a frustration coming from our government

What worries me more is number 2. Is our government frustrated because they simply cannot compete at this type of warfare for the time being? Or are they they feigning frustration just to make an attempt to get China to back off while they continue their attacks.

To everyone that thinks the USA should get tough---How?? What actions would you have the government take that would stand international scrutiny. There are enough problems trying to sanction Iran, who has a tangible nuclear problem with clear malevolent intentions. Pinning the tail on this donkey is a fools errand.

Plausible deniability and obfuscation is a hallmark of the internet. Even if China were to stop State sponsored corporate espionage, there's zero probability that independent hackers won't continue to try to steal valuable technology for resale. And I guarantee you that all countries are involved in military espionage.

Really? The extent of this administration's foreign policy and diplomatic skills is "pretty please with sugar on top?"

Might be my impression as foreigner, but I doubt a government that sent a crew composed of 40 top special forces units in stealth choppers into a another country to kill a man isn't taking other intelligence/black ops activities to counter these hackers.

Preventing a theocratic terror supporting regime from obtaining nuclear weapons is the moral high ground.Governments hacking into private companies to steal trade secrets or hacking media for writing stories that they don't like is the moral low ground.

The US intelligence community has long warned that China's government has been waging a campaign of industrial and military espionage through hacking. And for just as long, China's government has denounced the claims as fraudulent, claiming that it has constantly offered to help crack down on hacking. Chinese officials responded today to Donlon's comments defensively but again claimed China was open to cooperation in cracking down on Internet threats.

China doesn't really have a choice when it comes to publicly denying that they are conducting industrial and military espionage on US sovereign territory. They have no choice because the US has made it policy that performing these hacks is basically an act of war.

The US intelligence community has long warned that China's government has been waging a campaign of industrial and military espionage through hacking. And for just as long, China's government has denounced the claims as fraudulent, claiming that it has constantly offered to help crack down on hacking. Chinese officials responded today to Donlon's comments defensively but again claimed China was open to cooperation in cracking down on Internet threats.

China doesn't really have a choice when it comes to publicly denying that they are conducting industrial and military espionage on US sovereign territory. They have no choice because the US has made it policy that performing these hacks is basically an act of war.

The issue here is that US is doing the exact same thing and has been for ages. Plus there is the tiny issue of Chinese actually having ICBMs that can nuke the shit out of quite a few cities in US. So this is not afghanistan or some similar country that can't defend itself against US. Stick to picking on people without nukes (strangely enough that kind of behaviour by US is what is pushing everyone to get nukes as it's the only way to keep the fucks at bay).

Who would have guessed that my mother was teaching cutting edge foreign policy and diplomacy when she taught her children to calmly talk through and work out problems out instead of immediately coming to blows.

Really? The extent of this administration's foreign policy and diplomatic skills is "pretty please with sugar on top?"

There's a reason why the US has been viewed as weak and an appeaser nation for the past few years. It will be interesting to see how this administration handles the coming showdown with Iran that the rest of the world seems to be getting ready and pushing for.

And none of that will change any time soon due to right-wing trade policies.

The United States gleefully allowed China to get a death grip on the nation's collective testicles in exchange for some cheaply made garbage.

Until the right-wing trade policies are remedied and manufacturing is brought back stateside there will be little if anything that the USA can do to influence China in anything. They pretty well own the USA due to the inability of the USA to manufacture anything for itself.

I don't see this going anywhere. While recent news has pointed at the Chinese hacking originating from their government, I suspect a good chunk of it is corporate level espionage. And since 'hacking is illegal in China', China will say it's hands are tied and do nothing. Plus, since we've called out the recent attacks originating from their government, they'll move the source of the attacks from gov't buildings to the Chinese version of Starbucks wifi.

As for the US, something tells me the decision makers won't just stop hacking China. It's Team America -- World Police. Fck yah!

Really? The extent of this administration's foreign policy and diplomatic skills is "pretty please with sugar on top?"

There's a reason why the US has been viewed as weak and an appeaser nation for the past few years. It will be interesting to see how this administration handles the coming showdown with Iran that the rest of the world seems to be getting ready and pushing for.

And none of that will change any time soon due to right-wing trade policies.

The United States gleefully allowed China to get a death grip on the nation's collective testicles in exchange for some cheaply made garbage.

Until the right-wing trade policies are remedied and manufacturing is brought back stateside there will be little if anything that the USA can do to influence China in anything. They pretty well own the USA due to the inability of the USA to manufacture anything for itself.

Thank you so much for having the backbone to put that so bluntly and deal with the downvotes.

This is why I'm so damn determined to get into 3D printing. I've mentioned wanting to get involved with it on a few other articles. It's why K'Nex are my favorite toy. The only way we're going to get our manufacturing ability back is if we automate it.

I'm actually going to go right from this article to looking at DIY 3D printers!

It is troublesome that our government is simply asking them to stop for a couple of reasons.

1.)I don't believe we aren't doing this same type of "warfare" to them.2.) Asking them to stop hints towards a frustration coming from our government

What worries me more is number 2. Is our government frustrated because they simply cannot compete at this type of warfare for the time being? Or are they they feigning frustration just to make an attempt to get China to back off while they continue their attacks.

Something is awry.

The United States as well as Israel and Russia, have vastly BETTER tools and people at their disposal. You would never, EVER see something as clever as Stuxnet coming out of the PLA. Like everything else, what China lacks in quality, it makes up for in quantity. Both Chinese state actors and tacitly approved patriotic hackers number in the tens of thousands. Because of this, attacks are numerous and poorly disguised. Recall that Google was able to backtrace an attack while it was still underway. On the other hand, it takes years to find out what the NSA has been up to.

Honestly, though, that's not even their biggest problem. China has stolen so much data (and continues to do so) their biggest challenge is probably parsing the terabytes of raw data into usable info and then distributing it to people and groups that can take advantage of it.

The US intelligence community has long warned that China's government has been waging a campaign of industrial and military espionage through hacking. And for just as long, China's government has denounced the claims as fraudulent, claiming that it has constantly offered to help crack down on hacking. Chinese officials responded today to Donlon's comments defensively but again claimed China was open to cooperation in cracking down on Internet threats.

China doesn't really have a choice when it comes to publicly denying that they are conducting industrial and military espionage on US sovereign territory. They have no choice because the US has made it policy that performing these hacks is basically an act of war.

The issue here is that US is doing the exact same thing and has been for ages. Plus there is the tiny issue of Chinese actually having ICBMs that can nuke the shit out of quite a few cities in US. So this is not afghanistan or some similar country that can't defend itself against US. Stick to picking on people without nukes (strangely enough that kind of behaviour by US is what is pushing everyone to get nukes as it's the only way to keep the fucks at bay).

China doesn't really have a choice when it comes to publicly denying that they are conducting industrial and military espionage on US sovereign territory. They have no choice because the US has made it policy that performing these hacks is basically an act of war.

Nah. China isn't concerned about a war with the US (because it's not going to happen). This is more about plausible deniability and saving face.

Since the problem is an essentially invisible externality to management at companies, this might be an area where regulations and legislation is beneficial. Also, some serious research funding seems in order. Dangle money as an incentive, but require companies to warranty their technology, and require them to forfeit money to lone hackers who can demonstrate vulnerabilities.

It is troublesome that our government is simply asking them to stop for a couple of reasons.

1.)I don't believe we aren't doing this same type of "warfare" to them.2.) Asking them to stop hints towards a frustration coming from our government

What worries me more is number 2. Is our government frustrated because they simply cannot compete at this type of warfare for the time being? Or are they they feigning frustration just to make an attempt to get China to back off while they continue their attacks.

Something is awry.

By "Our government" you mean China right? Because those of us who live in the free world use evidence instead of propaganda and there is no evidence that the US government is hacking Chinese companies.

Really? The extent of this administration's foreign policy and diplomatic skills is "pretty please with sugar on top?"

There's a reason why the US has been viewed as weak and an appeaser nation for the past few years. It will be interesting to see how this administration handles the coming showdown with Iran that the rest of the world seems to be getting ready and pushing for.

You mean as opposed to the last administration where the US was viewed as a bunch of gun-waving vigilante nutjobs? It seems like one can't win at foreign policy here.

You know, for a country which has such a tightly controlled internet system ("Great Firewall of China"), you would think that they would be able to monitor and blacklist/block such traffic, or at least be very aware of where it's coming from in order to be able to do something about it.

Looking at my server logs just really bolsters the fact that not only are these people hacking with impunity, it happens with great frequency, and again with the tight controls on internet access it has to be with their implicit consent. Seriously, reverse IP lookups for SSH login attempts: China, China, China, Afghanistan, China, China, China, Great Britain, China, China, China. 90% of all inbound attacks resolve to Chinese IP addresses, and for crying out loud, it's just a webserver for my small business (and my cousins and GFs websites). Of course, it could be open proxies, but still...